SSL at GNOME

Certificates are managed differently based on their issuer:

  1. Gandi - certificates.git on puppet-back

  2. Let's Encrypt - /srv/letsencrypt on puppetmaster01-back

Cloning the certificates.git should happen on the target machine itself:

ssh puppetmaster01-back
git clone /git/certificates.git

The list of the domains we cover via SSL will follow.

Gandi

  1. irc.gnome.org
  2. account.gnome.org

Let's Encrypt

Look into puppetmaster01.gnome.org:/srv/letsencrypt/configurations for all the subdomains that are covered.

Sysadmin/SSL (last edited 2018-04-12 16:09:07 by AndreaVeri)